/*     */ package com.zimbra.qa.unittest;
/*     */ 
/*     */ import com.zimbra.common.account.Key.AccountBy;
/*     */ import com.zimbra.common.account.Key.DomainBy;
/*     */ import com.zimbra.common.httpclient.HttpClientUtil;
/*     */ import com.zimbra.cs.account.Account;
/*     */ import com.zimbra.cs.account.AuthToken;
/*     */ import com.zimbra.cs.account.Domain;
/*     */ import com.zimbra.cs.account.PreAuthKey;
/*     */ import com.zimbra.cs.account.Provisioning;
/*     */ import com.zimbra.cs.account.Server;
/*     */ import com.zimbra.cs.account.ZimbraAuthToken;
/*     */ import java.io.IOException;
/*     */ import java.io.PrintStream;
/*     */ import java.util.HashMap;
/*     */ import java.util.Map;
/*     */ import junit.framework.Assert;
/*     */ import junit.framework.TestCase;
/*     */ import org.apache.commons.httpclient.HttpClient;
/*     */ import org.apache.commons.httpclient.HttpException;
/*     */ import org.apache.commons.httpclient.HttpMethod;
/*     */ import org.apache.commons.httpclient.NameValuePair;
/*     */ import org.apache.commons.httpclient.StatusLine;
/*     */ import org.apache.commons.httpclient.methods.GetMethod;
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ public class TestPreAuthServlet
/*     */   extends TestCase
/*     */ {
/*  47 */   private static String PRE_AUTH_URL = "/service/preauth";
/*     */   
/*     */   String setUpDomain() throws Exception {
/*  50 */     String domainName = TestUtil.getDomain();
/*  51 */     Domain domain = Provisioning.getInstance().get(Key.DomainBy.name, domainName);
/*  52 */     String preAuthKey = PreAuthKey.generateRandomPreAuthKey();
/*  53 */     Map<String, Object> attrs = new HashMap();
/*  54 */     attrs.put("zimbraPreAuthKey", preAuthKey);
/*  55 */     Provisioning.getInstance().modifyAttrs(domain, attrs);
/*  56 */     return preAuthKey;
/*     */   }
/*     */   
/*     */   public static String genPreAuthUrl(String preAuthKey, String user, boolean admin, boolean shouldFail) throws Exception
/*     */   {
/*  61 */     HashMap<String, String> params = new HashMap();
/*  62 */     String acctName = TestUtil.getAddress(user);
/*  63 */     String authBy = "name";
/*  64 */     long timestamp = System.currentTimeMillis();
/*  65 */     long expires = 0L;
/*     */     
/*  67 */     params.put("account", acctName);
/*  68 */     params.put("by", authBy);
/*  69 */     params.put("timestamp", timestamp + "");
/*  70 */     params.put("expires", expires + "");
/*     */     
/*  72 */     if (admin) {
/*  73 */       params.put("admin", "1");
/*     */     }
/*  75 */     String preAuth = PreAuthKey.computePreAuth(params, preAuthKey);
/*     */     
/*  77 */     StringBuffer url = new StringBuffer(PRE_AUTH_URL + "?");
/*  78 */     url.append("account=" + acctName);
/*  79 */     url.append("&by=" + authBy);
/*  80 */     if (shouldFail)
/*     */     {
/*     */ 
/*     */ 
/*  84 */       long timestampBad = timestamp + 10L;
/*  85 */       url.append("&timestamp=" + timestampBad);
/*     */     } else {
/*  87 */       url.append("&timestamp=" + timestamp); }
/*  88 */     url.append("&expires=" + expires);
/*  89 */     url.append("&preauth=" + preAuth);
/*     */     
/*  91 */     if (admin) {
/*  92 */       url.append("&admin=1");
/*     */     }
/*  94 */     return url.toString();
/*     */   }
/*     */   
/*     */   void doPreAuthServletRequest(String preAuthUrl, boolean admin) throws Exception {
/*  98 */     Server localServer = Provisioning.getInstance().getLocalServer();
/*     */     String protoHostPort;
/*     */     String protoHostPort;
/* 101 */     if (admin) {
/* 102 */       protoHostPort = "https://localhost:" + localServer.getIntAttr("zimbraAdminPort", 0);
/*     */     } else {
/* 104 */       protoHostPort = "http://localhost:" + localServer.getIntAttr("zimbraMailPort", 0);
/*     */     }
/* 106 */     String url = protoHostPort + preAuthUrl;
/*     */     
/* 108 */     HttpClient client = new HttpClient();
/* 109 */     HttpMethod method = new GetMethod(url);
/*     */     try
/*     */     {
/* 112 */       int respCode = HttpClientUtil.executeMethod(client, method);
/* 113 */       int statusCode = method.getStatusCode();
/* 114 */       String statusLine = method.getStatusLine().toString();
/*     */       
/* 116 */       System.out.println("respCode=" + respCode);
/* 117 */       System.out.println("statusCode=" + statusCode);
/* 118 */       System.out.println("statusLine=" + statusLine);
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */     }
/*     */     catch (HttpException e)
/*     */     {
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/* 132 */       throw e;
/*     */     } catch (IOException e) {
/* 134 */       throw e;
/*     */     } finally {
/* 136 */       method.releaseConnection();
/*     */     }
/*     */   }
/*     */   
/*     */   private void doPreAuth(String userLocalPart, boolean admin, boolean shouldFail) throws Exception {
/* 141 */     String preAuthKey = setUpDomain();
/*     */     
/* 143 */     String preAuthUrl = genPreAuthUrl(preAuthKey, userLocalPart, admin, shouldFail);
/*     */     
/* 145 */     System.out.println("preAuthKey=" + preAuthKey);
/* 146 */     System.out.println("preAuth=" + preAuthUrl);
/*     */     
/* 148 */     doPreAuthServletRequest(preAuthUrl, admin);
/*     */   }
/*     */   
/*     */   public void testPreAuthServlet() throws Exception {
/* 152 */     doPreAuth("user1", false, false);
/* 153 */     doPreAuth("admin", true, false);
/* 154 */     doPreAuth("domainadmin", true, false);
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */   private Account dumpLockoutAttrs(String user)
/*     */     throws Exception
/*     */   {
/* 175 */     Account acct = Provisioning.getInstance().get(Key.AccountBy.name, user);
/*     */     
/* 177 */     System.out.println();
/* 178 */     System.out.println("zimbraAccountStatus: " + acct.getAttr("zimbraAccountStatus"));
/* 179 */     System.out.println("zimbraPasswordLockoutLockedTime: " + acct.getAttr("zimbraPasswordLockoutLockedTime"));
/*     */     
/* 181 */     System.out.println("zimbraPasswordLockoutFailureTime: ");
/* 182 */     String[] failureTime = acct.getMultiAttr("zimbraPasswordLockoutFailureTime");
/* 183 */     for (String ft : failureTime) {
/* 184 */       System.out.println("    " + ft);
/*     */     }
/* 186 */     return acct;
/*     */   }
/*     */   
/*     */   public void disable_testPreAuthLockout() throws Exception {
/* 190 */     String user = "user4";
/* 191 */     Account acct = TestUtil.getAccount(user);
/*     */     
/* 193 */     Provisioning prov = Provisioning.getInstance();
/*     */     
/* 195 */     Map<String, Object> attrs = new HashMap();
/*     */     
/* 197 */     int lockoutAfterNumFailures = 3;
/*     */     
/*     */ 
/* 200 */     attrs.put("zimbraPasswordLockoutEnabled", "TRUE");
/* 201 */     attrs.put("zimbraPasswordLockoutDuration", "1m");
/* 202 */     attrs.put("zimbraPasswordLockoutMaxFailures", lockoutAfterNumFailures + "");
/* 203 */     attrs.put("zimbraPasswordLockoutFailureLifetime", "30s");
/*     */     
/*     */ 
/*     */ 
/* 207 */     attrs.put("zimbraAccountStatus", "active");
/* 208 */     attrs.put("zimbraPasswordLockoutLockedTime", "");
/* 209 */     attrs.put("zimbraPasswordLockoutFailureTime", "");
/*     */     
/* 211 */     prov.modifyAttrs(acct, attrs);
/*     */     
/* 213 */     System.out.println("Before the test:");
/* 214 */     dumpLockoutAttrs(user);
/* 215 */     System.out.println();
/*     */     
/*     */ 
/* 218 */     for (int i = 0; i <= lockoutAfterNumFailures; i++) {
/* 219 */       System.out.println("======================");
/* 220 */       System.out.println("Iteration: " + i);
/*     */       
/* 222 */       doPreAuth(user, false, true);
/* 223 */       Account a = dumpLockoutAttrs(user);
/* 224 */       System.out.println("\n\n");
/*     */       
/* 226 */       if (i >= lockoutAfterNumFailures - 1) {
/* 227 */         assertEquals("lockout", a.getAttr("zimbraAccountStatus"));
/*     */       } else {
/* 229 */         assertEquals("active", a.getAttr("zimbraAccountStatus"));
/*     */       }
/*     */       
/* 232 */       Thread.sleep(2000L);
/*     */     }
/*     */   }
/*     */   
/*     */   public void testPreAuthAccountNotActive() throws Exception {
/* 237 */     String user = "user1";
/* 238 */     Account acct = TestUtil.getAccount(user);
/*     */     
/* 240 */     Provisioning prov = Provisioning.getInstance();
/*     */     
/* 242 */     Map<String, Object> attrs = new HashMap();
/* 243 */     attrs.put("zimbraAccountStatus", "maintenance");
/* 244 */     prov.modifyAttrs(acct, attrs);
/*     */     
/* 246 */     System.out.println("Before the test:");
/* 247 */     System.out.println("zimbraAccountStatus: " + acct.getAttr("zimbraAccountStatus"));
/* 248 */     System.out.println();
/*     */     
/*     */ 
/* 251 */     String preAuthKey = setUpDomain();
/* 252 */     String preAuthUrl = genPreAuthUrl(preAuthKey, user, false, false);
/*     */     
/* 254 */     System.out.println("preAuthKey=" + preAuthKey);
/* 255 */     System.out.println("preAuth=" + preAuthUrl);
/*     */     
/* 257 */     Server localServer = Provisioning.getInstance().getLocalServer();
/* 258 */     String protoHostPort = "http://localhost:" + localServer.getIntAttr("zimbraMailPort", 0);
/* 259 */     String url = protoHostPort + preAuthUrl;
/*     */     
/* 261 */     HttpClient client = new HttpClient();
/* 262 */     HttpMethod method = new GetMethod(url);
/*     */     try {
/* 264 */       int respCode = HttpClientUtil.executeMethod(client, method);
/* 265 */       int statusCode = method.getStatusCode();
/* 266 */       String statusLine = method.getStatusLine().toString();
/* 267 */       System.out.println("respCode=" + respCode);
/* 268 */       System.out.println("statusCode=" + statusCode);
/* 269 */       System.out.println("statusLine=" + statusLine);
/* 270 */       assertEquals(400, statusCode);
/*     */     }
/*     */     catch (HttpException e)
/*     */     {
/* 274 */       throw e;
/*     */     } catch (IOException e) {
/* 276 */       throw e;
/*     */     } finally {
/* 278 */       method.releaseConnection();
/*     */     }
/*     */     
/*     */ 
/* 282 */     attrs = new HashMap();
/* 283 */     attrs.put("zimbraAccountStatus", "active");
/* 284 */     prov.modifyAttrs(acct, attrs);
/*     */     
/* 286 */     System.out.println("After the test:");
/* 287 */     System.out.println("zimbraAccountStatus: " + acct.getAttr("zimbraAccountStatus"));
/* 288 */     System.out.println();
/*     */   }
/*     */   
/*     */   public void testShouldNotAllowPreAuthGetCookieReuse() throws Exception {
/* 292 */     Account account = TestUtil.getAccount("user1");
/* 293 */     AuthToken authToken = new ZimbraAuthToken(account);
/* 294 */     System.out.println(authToken.isRegistered());
/* 295 */     HttpClient client = new HttpClient();
/* 296 */     Server localServer = Provisioning.getInstance().getLocalServer();
/* 297 */     String protoHostPort = "http://localhost:" + localServer.getIntAttr("zimbraMailPort", 0);
/* 298 */     String url = protoHostPort + PRE_AUTH_URL;
/*     */     
/*     */ 
/* 301 */     HttpMethod method = new GetMethod(url);
/* 302 */     NameValuePair[] queryStringPairArray = { new NameValuePair("isredirect", "1"), new NameValuePair("authtoken", authToken.getEncoded()) };
/*     */     
/* 304 */     method.setQueryString(queryStringPairArray);
/* 305 */     int respCode = HttpClientUtil.executeMethod(client, method);
/*     */     
/*     */ 
/* 308 */     method = new GetMethod(url);
/* 309 */     method.setQueryString(queryStringPairArray);
/* 310 */     respCode = HttpClientUtil.executeMethod(client, method);
/* 311 */     Assert.assertEquals(400, respCode);
/*     */   }
/*     */   
/*     */   public static void main(String[] args)
/*     */     throws Exception
/*     */   {
/*     */     
/*     */     try
/*     */     {
/* 320 */       TestUtil.runTest(TestPreAuthServlet.class);
/*     */     } catch (Exception e) {
/* 322 */       System.out.println(e.getMessage());
/*     */     }
/*     */   }
/*     */ }


/* Location:              /home/mint/zimbrastore.jar!/com/zimbra/qa/unittest/TestPreAuthServlet.class
 * Java compiler version: 7 (51.0)
 * JD-Core Version:       0.7.1
 */